CloudyScripts 1.7.27 → 1.8.29
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -1
- data/lib/audit/benchmark_apache.zip +0 -0
- data/lib/audit/benchmark_full.zip +0 -0
- data/lib/audit/benchmark_ssh.zip +0 -0
- data/lib/audit/checks/benchmark.group +0 -3
- data/lib/audit/checks/benchmark.group.apache +3 -0
- data/lib/audit/checks/benchmark.group.full +6 -0
- data/lib/audit/checks/benchmark.group.ssh +3 -0
- data/lib/audit/checks/benchmark.ssh.zip +0 -0
- data/lib/audit/lib/audit.rb +7 -7
- data/lib/audit/lib/benchmark/audit_benchmark.rb +5 -4
- data/lib/audit/lib/benchmark/benchmark_factory.rb +1 -1
- data/lib/audit/lib/benchmark/check.rb +2 -2
- data/lib/audit/lib/benchmark/group.rb +2 -2
- data/lib/audit/lib/benchmark/rule_result.rb +2 -2
- data/lib/audit/lib/benchmark/yaml_benchmark.rb +6 -7
- data/lib/audit/lib/connection/connection_factory.rb +2 -2
- data/lib/audit/lib/connection/ssh_connection.rb +1 -1
- data/lib/audit/lib/parser/command/attach_file_command.rb +5 -5
- data/lib/audit/lib/parser/command/check_finished_command.rb +3 -3
- data/lib/audit/lib/parser/command/cpe_name_command.rb +4 -4
- data/lib/audit/lib/parser/command/data_command.rb +5 -5
- data/lib/audit/lib/parser/command/listening_port_command.rb +2 -2
- data/lib/audit/lib/parser/command/message_command.rb +4 -4
- data/lib/audit/lib/parser/command/program_name_command.rb +4 -4
- data/lib/audit/lib/parser/script_output_parser.rb +11 -11
- data/lib/audit/lib/ssh_fingerprint.rb +2 -2
- data/lib/audit/lib/transformers/web_view_transformer.rb +2 -2
- data/lib/help/state_transition_helper.rb +60 -3
- data/lib/scripts/ec2/audit_via_ssh.rb +150 -0
- data/lib/scripts/ec2/ec2_script.rb +1 -1
- metadata +176 -157
data/Rakefile
CHANGED
@@ -12,7 +12,7 @@ require 'rake/testtask'
|
|
12
12
|
|
13
13
|
spec = Gem::Specification.new do |s|
|
14
14
|
s.name = 'CloudyScripts'
|
15
|
-
s.version = '1.
|
15
|
+
s.version = '1.8.29'
|
16
16
|
s.has_rdoc = true
|
17
17
|
s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
|
18
18
|
s.summary = 'Scripts to facilitate programming for infrastructure clouds.'
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/lib/audit/lib/audit.rb
CHANGED
@@ -1,12 +1,12 @@
|
|
1
1
|
require 'logger'
|
2
2
|
|
3
|
-
require 'connection/connection_factory'
|
4
|
-
require 'benchmark/benchmark_factory'
|
5
|
-
require 'linear_script_generator'
|
6
|
-
require 'parser/script_output_parser'
|
7
|
-
require 'util/random_string'
|
8
|
-
require 'benchmark/benchmark_result'
|
9
|
-
require 'lazy'
|
3
|
+
require 'audit/lib/connection/connection_factory'
|
4
|
+
require 'audit/lib/benchmark/benchmark_factory'
|
5
|
+
require 'audit/lib/linear_script_generator'
|
6
|
+
require 'audit/lib/parser/script_output_parser'
|
7
|
+
require 'audit/lib/util/random_string'
|
8
|
+
require 'audit/lib/benchmark/benchmark_result'
|
9
|
+
require 'audit/lib/lazy'
|
10
10
|
|
11
11
|
class Audit
|
12
12
|
attr_reader :benchmark
|
@@ -1,6 +1,7 @@
|
|
1
|
-
require 'benchmark/check'
|
2
|
-
require 'benchmark/item_exception'
|
3
|
-
require 'lazy'
|
1
|
+
require 'audit/lib/benchmark/check'
|
2
|
+
require 'audit/lib/benchmark/item_exception'
|
3
|
+
require 'audit/lib/lazy'
|
4
|
+
|
4
5
|
|
5
6
|
class AuditBenchmark
|
6
7
|
attr_reader :item_repository
|
@@ -162,4 +163,4 @@ class AuditBenchmark
|
|
162
163
|
:children => Lazy.new(Lazy.new(@children, :reject) {|x| !x.in_report?}, :map) {|child| Lazy.new(child, :to_hash)}
|
163
164
|
}
|
164
165
|
end
|
165
|
-
end
|
166
|
+
end
|
@@ -2,12 +2,11 @@ require 'yaml'
|
|
2
2
|
require 'logger'
|
3
3
|
require 'zip/zip'
|
4
4
|
|
5
|
-
require 'benchmark/group'
|
6
|
-
require 'benchmark/item_exception'
|
7
|
-
require 'benchmark/check'
|
8
|
-
require 'benchmark/audit_benchmark'
|
9
|
-
require 'benchmark/automatic_dependencies'
|
10
|
-
|
5
|
+
require 'audit/lib/benchmark/group'
|
6
|
+
require 'audit/lib/benchmark/item_exception'
|
7
|
+
require 'audit/lib/benchmark/check'
|
8
|
+
require 'audit/lib/benchmark/audit_benchmark'
|
9
|
+
require 'audit/lib/benchmark/automatic_dependencies'
|
11
10
|
|
12
11
|
|
13
12
|
class YamlBenchmark < AuditBenchmark
|
@@ -130,4 +129,4 @@ class YamlBenchmark < AuditBenchmark
|
|
130
129
|
raise ItemNotFoundException.new(id), "Item #{id} not found" if @item_repository[id].nil?
|
131
130
|
return @item_repository[id]
|
132
131
|
end
|
133
|
-
end
|
132
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
|
-
require 'parser/command/abstract_command_result'
|
2
|
-
require 'parser/command/abstract_command'
|
3
|
-
require 'parser/parse_exception'
|
4
|
-
require 'parser/result_type'
|
1
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
2
|
+
require 'audit/lib/parser/command/abstract_command'
|
3
|
+
require 'audit/lib/parser/parse_exception'
|
4
|
+
require 'audit/lib/parser/result_type'
|
5
5
|
|
6
6
|
class AttachFileCommandResult < AbstractCommandResult
|
7
7
|
attr_reader :file
|
@@ -60,4 +60,4 @@ class AttachFileCommand < AbstractCommand
|
|
60
60
|
def result()
|
61
61
|
return AttachFileCommandResult.new(@check, @severity, @message, @local_path)
|
62
62
|
end
|
63
|
-
end
|
63
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# To change this template, choose Tools | Templates
|
2
2
|
# and open the template in the editor.
|
3
|
-
require 'parser/command/abstract_command_result'
|
4
|
-
require 'parser/command/abstract_command'
|
5
|
-
require 'parser/result_type'
|
3
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
4
|
+
require 'audit/lib/parser/command/abstract_command'
|
5
|
+
require 'audit/lib/parser/result_type'
|
6
6
|
|
7
7
|
class CheckFinishedCommandResult < AbstractCommandResult
|
8
8
|
attr_reader :exit_code
|
@@ -1,6 +1,6 @@
|
|
1
|
-
require 'parser/command/abstract_command'
|
2
|
-
require 'parser/command/abstract_command_result'
|
3
|
-
require 'parser/result_type'
|
1
|
+
require 'audit/lib/parser/command/abstract_command'
|
2
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
3
|
+
require 'audit/lib/parser/result_type'
|
4
4
|
|
5
5
|
class CpeNameCommandResult < AbstractCommandResult
|
6
6
|
def initialize(check, severity, message, cpe_name)
|
@@ -34,4 +34,4 @@ class CpeNameCommand < AbstractCommand
|
|
34
34
|
def result()
|
35
35
|
return CpeNameCommandResult.new(@check, @severity, @message, @cpe_name)
|
36
36
|
end
|
37
|
-
end
|
37
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
|
-
require 'parser/command/abstract_command'
|
2
|
-
require 'parser/command/abstract_command_result'
|
3
|
-
require 'parser/result_type'
|
4
|
-
require 'parser/parse_exception'
|
1
|
+
require 'audit/lib/parser/command/abstract_command'
|
2
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
3
|
+
require 'audit/lib/parser/result_type'
|
4
|
+
require 'audit/lib/parser/parse_exception'
|
5
5
|
|
6
6
|
class DataCommandResult < AbstractCommandResult
|
7
7
|
attr_reader :key
|
@@ -40,4 +40,4 @@ class DataCommand < AbstractCommand
|
|
40
40
|
def result()
|
41
41
|
return DataCommandResult.new(@check, @severity, @key, @value)
|
42
42
|
end
|
43
|
-
end
|
43
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# To change this template, choose Tools | Templates
|
2
2
|
# and open the template in the editor.
|
3
3
|
|
4
|
-
require 'parser/command/abstract_command'
|
5
|
-
require 'parser/command/abstract_command_result'
|
4
|
+
require 'audit/lib/parser/command/abstract_command'
|
5
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
6
6
|
|
7
7
|
|
8
8
|
class ListeningPortCommandResult < AbstractCommandResult
|
@@ -1,6 +1,6 @@
|
|
1
|
-
require 'parser/command/abstract_command'
|
2
|
-
require 'parser/command/abstract_command_result'
|
3
|
-
require 'parser/result_type'
|
1
|
+
require 'audit/lib/parser/command/abstract_command'
|
2
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
3
|
+
require 'audit/lib/parser/result_type'
|
4
4
|
|
5
5
|
class MessageCommandResult < AbstractCommandResult
|
6
6
|
def initialize(check, severity, message)
|
@@ -18,4 +18,4 @@ class MessageCommand < AbstractCommand
|
|
18
18
|
def result()
|
19
19
|
return MessageCommandResult.new(@check, @severity, @message)
|
20
20
|
end
|
21
|
-
end
|
21
|
+
end
|
@@ -1,6 +1,6 @@
|
|
1
|
-
require 'parser/command/abstract_command'
|
2
|
-
require 'parser/command/abstract_command_result'
|
3
|
-
require 'parser/result_type'
|
1
|
+
require 'audit/lib/parser/command/abstract_command'
|
2
|
+
require 'audit/lib/parser/command/abstract_command_result'
|
3
|
+
require 'audit/lib/parser/result_type'
|
4
4
|
|
5
5
|
class ProgramNameCommandResult < AbstractCommandResult
|
6
6
|
attr_reader :program_name
|
@@ -39,4 +39,4 @@ class ProgramNameCommand < AbstractCommand
|
|
39
39
|
def result()
|
40
40
|
return ProgramNameCommandResult.new(@check, @severity, @message, @name, @version)
|
41
41
|
end
|
42
|
-
end
|
42
|
+
end
|
@@ -1,16 +1,16 @@
|
|
1
1
|
require 'logger'
|
2
2
|
|
3
|
-
require 'parser/command/program_name_command'
|
4
|
-
require 'parser/command/cpe_name_command'
|
5
|
-
require 'parser/command/attach_file_command'
|
6
|
-
require 'parser/command/message_command'
|
7
|
-
require 'parser/command/check_finished_command'
|
8
|
-
require 'parser/command/listening_port_command'
|
9
|
-
require 'parser/command/data_command'
|
10
|
-
require 'parser/parse_exception'
|
11
|
-
require 'benchmark/rule_severity'
|
12
|
-
require 'parser/stdout_line_buffer'
|
13
|
-
require 'benchmark/rule_result'
|
3
|
+
require 'audit/lib/parser/command/program_name_command'
|
4
|
+
require 'audit/lib/parser/command/cpe_name_command'
|
5
|
+
require 'audit/lib/parser/command/attach_file_command'
|
6
|
+
require 'audit/lib/parser/command/message_command'
|
7
|
+
require 'audit/lib/parser/command/check_finished_command'
|
8
|
+
require 'audit/lib/parser/command/listening_port_command'
|
9
|
+
require 'audit/lib/parser/command/data_command'
|
10
|
+
require 'audit/lib/parser/parse_exception'
|
11
|
+
require 'audit/lib/benchmark/rule_severity'
|
12
|
+
require 'audit/lib/parser/stdout_line_buffer'
|
13
|
+
require 'audit/lib/benchmark/rule_result'
|
14
14
|
|
15
15
|
# This class parses the output generated by a sh script.
|
16
16
|
# Each output line is expected to start with the marker LINE_START
|
@@ -1,7 +1,7 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
|
3
3
|
require 'rexml/document'
|
4
|
-
require 'util/random_string'
|
4
|
+
require 'audit/lib/util/random_string'
|
5
5
|
require 'fileutils'
|
6
6
|
require 'socket'
|
7
7
|
require 'timeout'
|
@@ -217,4 +217,4 @@ module SSH_FINGERPRINT
|
|
217
217
|
:algorithms => get_algorithms(host, port),
|
218
218
|
:version1 => version1_supported?(host, port)}
|
219
219
|
end
|
220
|
-
end
|
220
|
+
end
|
@@ -3,8 +3,8 @@
|
|
3
3
|
|
4
4
|
# icons taken from http://www.famfamfam.com/lab/icons/silk/
|
5
5
|
|
6
|
-
require 'benchmark/audit_benchmark'
|
7
|
-
require 'parser/result_type'
|
6
|
+
require 'audit/lib/benchmark/audit_benchmark'
|
7
|
+
require 'audit/lib/parser/result_type'
|
8
8
|
require 'logger'
|
9
9
|
|
10
10
|
class WebViewTransformer
|
@@ -96,6 +96,7 @@ module StateTransitionHelper
|
|
96
96
|
# * ami_id => ID of the AMI to be launched
|
97
97
|
# * key_name => name of the key to access the instance
|
98
98
|
# * security_group_name => name of the security group to be used
|
99
|
+
# * type => type of instance to start
|
99
100
|
# Returned information:
|
100
101
|
# * instance_id => ID of the started instance
|
101
102
|
# * dns_name => DNS name of the started instance
|
@@ -103,7 +104,7 @@ module StateTransitionHelper
|
|
103
104
|
# * kernel_id => EC2 Kernel ID of the started instance
|
104
105
|
# * ramdisk_id => EC2 Ramdisk ID of the started instance
|
105
106
|
# * architecture => architecture (e.g. 386i, 64x) of the started instance
|
106
|
-
def launch_instance(ami_id, key_name, security_group_name, ec2_handler = nil)
|
107
|
+
def launch_instance(ami_id, key_name, security_group_name, ec2_handler = nil, type = nil)
|
107
108
|
ec2_handler = ec2_handler() if ec2_handler == nil
|
108
109
|
post_message("starting up instance to execute the script (AMI = #{ami_id}) ...")
|
109
110
|
@logger.debug "start up AMI #{ami_id}"
|
@@ -114,6 +115,7 @@ module StateTransitionHelper
|
|
114
115
|
if architecture != "i386"
|
115
116
|
instance_type = "m1.large"
|
116
117
|
end
|
118
|
+
instance_type = type if type != nil
|
117
119
|
arch_log_msg = "Architecture of image #{ami_id} is #{architecture}. Use instance_type #{instance_type}."
|
118
120
|
@logger.info arch_log_msg
|
119
121
|
post_message(arch_log_msg)
|
@@ -150,6 +152,59 @@ module StateTransitionHelper
|
|
150
152
|
return instance_id, dns_name, availability_zone, kernel_id, ramdisk_id, architecture
|
151
153
|
end
|
152
154
|
|
155
|
+
# Start an instance
|
156
|
+
# Input Paramters:
|
157
|
+
# * instance_id => ID of the instance to start
|
158
|
+
# * timeout => a timeout for waiting instance to start to avoid infinite loop (default set to 4m)
|
159
|
+
# Return Parameters (Array):
|
160
|
+
# * instance_id
|
161
|
+
# * public_dns_name
|
162
|
+
def start_instance(instance_id, timeout = 240)
|
163
|
+
dns_name = ""
|
164
|
+
post_message("going to start instance '#{instance_id}'...")
|
165
|
+
res = ec2_handler().describe_instances(:instance_id => instance_id)
|
166
|
+
state = res['reservationSet']['item'][0]['instancesSet']['item'][0]['instanceState']
|
167
|
+
if state['code'].to_i == 16
|
168
|
+
dns_name = res['reservationSet']['item'][0]['instancesSet']['item'][0]['dnsName']
|
169
|
+
msg = "instance '#{instance_id}' already started"
|
170
|
+
@logger.warn "#{msg}"
|
171
|
+
post_message("#{msg}")
|
172
|
+
done = true
|
173
|
+
else
|
174
|
+
@logger.debug "start instance #{instance_id}"
|
175
|
+
ec2_handler().start_instances(:instance_id => instance_id)
|
176
|
+
end
|
177
|
+
while timeout > 0 && !done
|
178
|
+
res = ec2_handler().describe_instances(:instance_id => instance_id)
|
179
|
+
state = res['reservationSet']['item'][0]['instancesSet']['item'][0]['instanceState']
|
180
|
+
@logger.debug "instance in state '#{state['name']}' (#{state['code']})"
|
181
|
+
if state['code'].to_i == 16
|
182
|
+
done = true
|
183
|
+
timeout = 0
|
184
|
+
dns_name = res['reservationSet']['item'][0]['instancesSet']['item'][0]['dnsName']
|
185
|
+
elsif state['code'].to_i != 0
|
186
|
+
done = false
|
187
|
+
timeout = 0
|
188
|
+
msg = "instance in state '#{state['name']}'"
|
189
|
+
@logger.error "#{msg}"
|
190
|
+
post_message("#{msg}")
|
191
|
+
end
|
192
|
+
sleep(5)
|
193
|
+
timeout -= 5
|
194
|
+
end
|
195
|
+
msg = ""
|
196
|
+
if !done
|
197
|
+
msg = "Failed to start instance '#{instance_id}"
|
198
|
+
@logger.error "#{msg}"
|
199
|
+
raise Exception.new("Unable to start instance '#{instance_id}'}")
|
200
|
+
else
|
201
|
+
msg = "'#{instance_id}' successfully started"
|
202
|
+
@logger.info "#{msg}"
|
203
|
+
end
|
204
|
+
post_message("#{msg}")
|
205
|
+
return instance_id, dns_name
|
206
|
+
end
|
207
|
+
|
153
208
|
# Shuts down an instance.
|
154
209
|
# Input Parameters:
|
155
210
|
# * instance_id => ID of the instance to be shut down
|
@@ -270,11 +325,12 @@ module StateTransitionHelper
|
|
270
325
|
msg = ""
|
271
326
|
if !done
|
272
327
|
msg = "Failed to attach volume '#{volume_id}' to instance '#{instance_id}"
|
328
|
+
@logger.error "#{msg}"
|
273
329
|
raise Exception.new("volume #{mount_point} not attached")
|
274
330
|
else
|
275
331
|
msg = "volume #{volume_id} successfully attached"
|
332
|
+
@logger.info "#{msg}"
|
276
333
|
end
|
277
|
-
@logger.error "#{msg}"
|
278
334
|
post_message("#{msg}")
|
279
335
|
end
|
280
336
|
|
@@ -304,11 +360,12 @@ module StateTransitionHelper
|
|
304
360
|
msg = ""
|
305
361
|
if !done
|
306
362
|
msg = "Failed to detach volume '#{volume_id}' from instance '#{instance_id}"
|
363
|
+
@logger.error "#{msg}"
|
307
364
|
raise Exception.new("volume #{mount_point} not detached")
|
308
365
|
else
|
309
366
|
msg = "volume #{volume_id} successfully detached"
|
367
|
+
@logger.info "#{msg}"
|
310
368
|
end
|
311
|
-
@logger.error "#{msg}"
|
312
369
|
post_message("#{msg}")
|
313
370
|
end
|
314
371
|
|
@@ -0,0 +1,150 @@
|
|
1
|
+
require "help/script_execution_state"
|
2
|
+
require "scripts/ec2/ec2_script"
|
3
|
+
require "help/remote_command_handler"
|
4
|
+
require "help/ec2_helper"
|
5
|
+
require "audit/lib/audit"
|
6
|
+
require "AWS"
|
7
|
+
require 'pp'
|
8
|
+
|
9
|
+
# Audit an AMI or an instance via an SSH connection using a specific benchmark
|
10
|
+
#
|
11
|
+
|
12
|
+
class AuditViaSsh < Ec2Script
|
13
|
+
# Input parameters
|
14
|
+
# * ec2_api_handler => object that allows to access the EC2 API
|
15
|
+
# * ami_id => the ID of the AMI to be copied in another region
|
16
|
+
# * ssh_username => The username for ssh for source-instance (default = root)
|
17
|
+
# * key_name => Key name of the instance that manages the snaphot-volume in the source region
|
18
|
+
# * ssh_key_data => Key information for the security group that starts the AMI [if not set, use ssh_key_files]
|
19
|
+
|
20
|
+
def initialize(input_params)
|
21
|
+
super(input_params)
|
22
|
+
end
|
23
|
+
|
24
|
+
def check_input_parameters()
|
25
|
+
if @input_params[:ami_id] == nil && @input_params[:instance_id] == nil
|
26
|
+
raise Exception.new("No Instance ID or AMI ID specified")
|
27
|
+
end
|
28
|
+
if @input_params[:ami_id] != nil && !(@input_params[:ami_id] =~ /^ami-.*$/)
|
29
|
+
raise Exception.new("Invalid AMI ID specified")
|
30
|
+
end
|
31
|
+
if @input_params[:instance_id] != nil && !(@input_params[:instance_id] =~ /^i-.*$/)
|
32
|
+
raise Exception.new("Invalid Instance ID specified")
|
33
|
+
end
|
34
|
+
|
35
|
+
if @input_params[:sec_grp_name] == nil
|
36
|
+
@input_params[:sec_grp_name] = "default"
|
37
|
+
end
|
38
|
+
if @input_params[:audit_type] != nil && @input_params[:audit_type].casecmp("SSH")
|
39
|
+
@input_params[:benchmark_file] = "./lib/audit/benchmark_ssh.zip"
|
40
|
+
elsif @input_params[:audit_type] != nil && @input_params[:audit_type].casecmp("APACHE")
|
41
|
+
@input_params[:benchmark_file] = "./lib/audit/benchmark_apache.zip"
|
42
|
+
else
|
43
|
+
raise Exception.new("Invalid Audit '#{@input_params[:audit_type]}' specified")
|
44
|
+
end
|
45
|
+
ec2_helper = Ec2Helper.new(@input_params[:ec2_api_handler])
|
46
|
+
if !ec2_helper.check_open_port(@input_params[:sec_grp_name], 22)
|
47
|
+
raise Exception.new("Port 22 must be opened for security group 'default' to connect via SSH")
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def load_initial_state()
|
52
|
+
AuditViaSshState.load_state(@input_params)
|
53
|
+
end
|
54
|
+
|
55
|
+
private
|
56
|
+
|
57
|
+
# Here begins the state machine implementation
|
58
|
+
class AuditViaSshState < ScriptExecutionState
|
59
|
+
def self.load_state(context)
|
60
|
+
state = context[:initial_state] == nil ? InitialState.new(context) : context[:initial_state]
|
61
|
+
state
|
62
|
+
end
|
63
|
+
|
64
|
+
end
|
65
|
+
|
66
|
+
# Start an instance and wait for it to be UP and running
|
67
|
+
# Create a temporary directory
|
68
|
+
class InitialState < AuditViaSshState
|
69
|
+
def enter
|
70
|
+
instances_info = []
|
71
|
+
tmp_dir = ""
|
72
|
+
if @context[:ami_id] != nil
|
73
|
+
instance_infos = launch_instance(@context[:ami_id], @context[:ssh_key_name], @context[:sec_grp_name], nil, "t1.micro")
|
74
|
+
tmp_dir = "/tmp/#{@context[:ami_id]}-#{Time.now().to_i}"
|
75
|
+
elsif @context[:instance_id] != nil
|
76
|
+
instance_infos = start_instance(@context[:instance_id])
|
77
|
+
tmp_dir = "/tmp/#{@context[:instance_id]}-#{Time.now().to_i}"
|
78
|
+
else
|
79
|
+
raise Exception.new("No Instance ID or AMI ID specified (should have been catched earlier)")
|
80
|
+
end
|
81
|
+
@context[:instance_id] = instance_infos[0]
|
82
|
+
@context[:public_dns_name] = instance_infos[1]
|
83
|
+
@context[:tmp_dir] = tmp_dir
|
84
|
+
#puts "DEBUG: Audit Scripts"
|
85
|
+
#pp @context
|
86
|
+
|
87
|
+
Dir::mkdir(tmp_dir)
|
88
|
+
if FileTest::directory?(tmp_dir)
|
89
|
+
post_message("local temporary directory created")
|
90
|
+
end
|
91
|
+
|
92
|
+
LaunchAuditViaSsh.new(@context)
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
# Launch the audit via SSH
|
97
|
+
class LaunchAuditViaSsh < AuditViaSshState
|
98
|
+
def enter
|
99
|
+
audit = Audit.new(:benchmark => @context[:benchmark_file], :attachment_dir => @context[:tmp_dir],
|
100
|
+
:connection_type => :ssh,
|
101
|
+
:connection_params => {:user => @context[:ssh_user],
|
102
|
+
:keys => @context[:ssh_key_file],
|
103
|
+
:host => @context[:public_dns_name],
|
104
|
+
:paranoid => false},
|
105
|
+
:logger => nil)
|
106
|
+
audit.start(false)
|
107
|
+
@context[:result][:audit_test] = []
|
108
|
+
audit.results.each() {|key, value|
|
109
|
+
if key =~ /^SSH_.*$/ || key =~ /^APACHE2_.*$/
|
110
|
+
#puts "DEBUG: Key: #{key}, Result: #{value.result}, Desc: #{value.rule.description}"
|
111
|
+
@context[:result][:audit_test] << {:name => key, :desc => value.rule.description, :status => value.result}
|
112
|
+
post_message("== > Test #{key}: Status: #{value.result.eql?("pass") ? "OK" : "NOK"}\n Desc: #{value.rule.description}")
|
113
|
+
end
|
114
|
+
}
|
115
|
+
CleanUpAuditViaSsh.new(@context)
|
116
|
+
end
|
117
|
+
end
|
118
|
+
|
119
|
+
# Terminate an instance
|
120
|
+
class CleanUpAuditViaSsh < AuditViaSshState
|
121
|
+
def enter
|
122
|
+
if @context[:ami_id] != nil
|
123
|
+
shut_down_instance(@context[:instance_id])
|
124
|
+
elsif @context[:instance_id] != nil
|
125
|
+
#TODO: stop the instance only if you have started it
|
126
|
+
#stop_instance(@context[:instance_id])
|
127
|
+
else
|
128
|
+
raise Exception.new("No Instance ID or AMI ID specified (should have been catched earlier)")
|
129
|
+
end
|
130
|
+
|
131
|
+
AnalyseAuditViaSsh.new(@context)
|
132
|
+
end
|
133
|
+
end
|
134
|
+
|
135
|
+
# Analyse audit via SSH results
|
136
|
+
class AnalyseAuditViaSsh < AuditViaSshState
|
137
|
+
def enter
|
138
|
+
|
139
|
+
Done.new(@context)
|
140
|
+
end
|
141
|
+
end
|
142
|
+
|
143
|
+
# Script done.
|
144
|
+
class Done < AuditViaSshState
|
145
|
+
def done?
|
146
|
+
true
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
end
|
@@ -12,7 +12,7 @@ class Ec2Script
|
|
12
12
|
@progress_message_listeners = []
|
13
13
|
if input_params[:logger] == nil
|
14
14
|
@logger = Logger.new(STDOUT)
|
15
|
-
@logger
|
15
|
+
@logger.level = Logger::WARN
|
16
16
|
input_params[:logger] = @logger
|
17
17
|
else
|
18
18
|
@logger = input_params[:logger]
|
metadata
CHANGED
@@ -1,12 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: CloudyScripts
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
+
hash: 13
|
4
5
|
prerelease: false
|
5
6
|
segments:
|
6
7
|
- 1
|
7
|
-
-
|
8
|
-
-
|
9
|
-
version: 1.
|
8
|
+
- 8
|
9
|
+
- 29
|
10
|
+
version: 1.8.29
|
10
11
|
platform: ruby
|
11
12
|
authors:
|
12
13
|
- Matthias Jung
|
@@ -14,16 +15,18 @@ autorequire:
|
|
14
15
|
bindir: bin
|
15
16
|
cert_chain: []
|
16
17
|
|
17
|
-
date: 2011-07-
|
18
|
+
date: 2011-07-07 00:00:00 +00:00
|
18
19
|
default_executable:
|
19
20
|
dependencies:
|
20
21
|
- !ruby/object:Gem::Dependency
|
21
22
|
name: amazon-ec2
|
22
23
|
prerelease: false
|
23
24
|
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
24
26
|
requirements:
|
25
27
|
- - ">="
|
26
28
|
- !ruby/object:Gem::Version
|
29
|
+
hash: 3
|
27
30
|
segments:
|
28
31
|
- 0
|
29
32
|
version: "0"
|
@@ -33,9 +36,11 @@ dependencies:
|
|
33
36
|
name: net-ssh
|
34
37
|
prerelease: false
|
35
38
|
requirement: &id002 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
36
40
|
requirements:
|
37
41
|
- - ">="
|
38
42
|
- !ruby/object:Gem::Version
|
43
|
+
hash: 3
|
39
44
|
segments:
|
40
45
|
- 0
|
41
46
|
version: "0"
|
@@ -45,9 +50,11 @@ dependencies:
|
|
45
50
|
name: net-scp
|
46
51
|
prerelease: false
|
47
52
|
requirement: &id003 !ruby/object:Gem::Requirement
|
53
|
+
none: false
|
48
54
|
requirements:
|
49
55
|
- - ">="
|
50
56
|
- !ruby/object:Gem::Version
|
57
|
+
hash: 3
|
51
58
|
segments:
|
52
59
|
- 0
|
53
60
|
version: "0"
|
@@ -66,191 +73,199 @@ files:
|
|
66
73
|
- LICENSE
|
67
74
|
- README.rdoc
|
68
75
|
- Rakefile
|
69
|
-
- lib/audit/checks/APACHE2.group
|
70
|
-
- lib/audit/checks/APACHE2_CONFIG_01.check
|
71
|
-
- lib/audit/checks/APACHE2_CONFIG_02.check
|
72
|
-
- lib/audit/checks/APACHE2_CONFIG_03.check
|
73
76
|
- lib/audit/checks/APACHE2_CONFIG_04.check
|
74
|
-
- lib/audit/checks/
|
75
|
-
- lib/audit/checks/
|
76
|
-
- lib/audit/checks/
|
77
|
-
- lib/audit/checks/
|
78
|
-
- lib/audit/checks/
|
79
|
-
- lib/audit/checks/
|
80
|
-
- lib/audit/checks/
|
77
|
+
- lib/audit/checks/LYNIS_AUTH.group
|
78
|
+
- lib/audit/checks/LOGGED_USERS.check
|
79
|
+
- lib/audit/checks/HAS_FILE_DOWNLOADER.check
|
80
|
+
- lib/audit/checks/MYSQL_HISTORY_1.check
|
81
|
+
- lib/audit/checks/DISTRIBUTION_FACTS.check
|
82
|
+
- lib/audit/checks/HAS_ID.check
|
83
|
+
- lib/audit/checks/MAYBE_HAS_TAR.check
|
84
|
+
- lib/audit/checks/FIND_SHADOW_FILE.check
|
85
|
+
- lib/audit/checks/HAS_UNAME.check
|
86
|
+
- lib/audit/checks/HAS_LSB_RELEASE.check
|
87
|
+
- lib/audit/checks/MYSQL_INIT_3.check
|
88
|
+
- lib/audit/checks/VARIOUS.group
|
81
89
|
- lib/audit/checks/BACKUP_LOG.check
|
82
|
-
- lib/audit/checks/
|
83
|
-
- lib/audit/checks/
|
90
|
+
- lib/audit/checks/PLATFORM_FACTS.check
|
91
|
+
- lib/audit/checks/script_header.template
|
92
|
+
- lib/audit/checks/SSH_CONFIG_03.check
|
93
|
+
- lib/audit/checks/benchmark.group.ssh
|
84
94
|
- lib/audit/checks/benchmark.group
|
85
|
-
- lib/audit/checks/
|
86
|
-
- lib/audit/checks/
|
87
|
-
- lib/audit/checks/DISTRIBUTION_FACTS.check
|
88
|
-
- lib/audit/checks/DMESG_OUTPUT.check
|
89
|
-
- lib/audit/checks/FIND_GROUP_FILE.check
|
95
|
+
- lib/audit/checks/LYNIS_AUTH_9208.check
|
96
|
+
- lib/audit/checks/SSH_CONFIG_10.check
|
90
97
|
- lib/audit/checks/FIND_PASSWD_FILE.check
|
91
|
-
- lib/audit/checks/
|
92
|
-
- lib/audit/checks/
|
93
|
-
- lib/audit/checks/
|
94
|
-
- lib/audit/checks/
|
95
|
-
- lib/audit/checks/
|
96
|
-
- lib/audit/checks/HAS_BASE.check
|
98
|
+
- lib/audit/checks/LYNIS_AUTH_9204.check
|
99
|
+
- lib/audit/checks/SSH_CONFIG_09.check
|
100
|
+
- lib/audit/checks/MYSQL_INIT_2.check
|
101
|
+
- lib/audit/checks/HAS_GROUPS.check
|
102
|
+
- lib/audit/checks/LOADED_MODULES.check
|
97
103
|
- lib/audit/checks/HAS_CAT.check
|
98
|
-
- lib/audit/checks/
|
99
|
-
- lib/audit/checks/
|
104
|
+
- lib/audit/checks/HAS_SUPERUSER.check
|
105
|
+
- lib/audit/checks/SLOW.group
|
106
|
+
- lib/audit/checks/SSH_CONFIG_04.check
|
107
|
+
- lib/audit/checks/benchmark.group.full
|
108
|
+
- lib/audit/checks/LYNIS_AUTH_9226.check
|
109
|
+
- lib/audit/checks/APACHE2_CONFIG_01.check
|
110
|
+
- lib/audit/checks/MAYBE_HAS_UNAME.check
|
100
111
|
- lib/audit/checks/HAS_DF.check
|
101
|
-
- lib/audit/checks/
|
102
|
-
- lib/audit/checks/
|
112
|
+
- lib/audit/checks/HAS_UNIQ.check
|
113
|
+
- lib/audit/checks/APACHE2_INIT_1.check
|
114
|
+
- lib/audit/checks/APACHE2_INIT_2.check
|
115
|
+
- lib/audit/checks/USERS_INIT_2.check
|
116
|
+
- lib/audit/checks/PORTS_OPEN_NETSTAT.check
|
117
|
+
- lib/audit/checks/LIST_ROUTES.check
|
118
|
+
- lib/audit/checks/SSH_CONFIG_06.check
|
119
|
+
- lib/audit/checks/SSH_INIT_1.check
|
120
|
+
- lib/audit/checks/SLOW_1.check
|
121
|
+
- lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check
|
122
|
+
- lib/audit/checks/APACHE2_CONFIG_05.check
|
103
123
|
- lib/audit/checks/HAS_FIND.check
|
104
|
-
- lib/audit/checks/
|
105
|
-
- lib/audit/checks/
|
106
|
-
- lib/audit/checks/
|
107
|
-
- lib/audit/checks/
|
108
|
-
- lib/audit/checks/
|
109
|
-
- lib/audit/checks/HAS_LSB_RELEASE.check
|
110
|
-
- lib/audit/checks/HAS_MOUNT.check
|
124
|
+
- lib/audit/checks/LASTLOG.check
|
125
|
+
- lib/audit/checks/HAS_WHO.check
|
126
|
+
- lib/audit/checks/USERS_INIT_5.check
|
127
|
+
- lib/audit/checks/HAS_TAIL.check
|
128
|
+
- lib/audit/checks/header.template
|
111
129
|
- lib/audit/checks/HAS_NETSTAT.check
|
112
|
-
- lib/audit/checks/
|
113
|
-
- lib/audit/checks/HAS_PS.check
|
130
|
+
- lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check
|
114
131
|
- lib/audit/checks/HAS_ROUTE.check
|
115
|
-
- lib/audit/checks/
|
132
|
+
- lib/audit/checks/PASSWORD_INFORMATION.check
|
133
|
+
- lib/audit/checks/FIND_SUDOERS_FILE.check
|
134
|
+
- lib/audit/checks/APACHE2_CONFIG_06.check
|
135
|
+
- lib/audit/checks/USERS_INIT_1.check
|
136
|
+
- lib/audit/checks/LYNIS_AUTH_9222.check
|
137
|
+
- lib/audit/checks/BACKUP_MAIL.check
|
138
|
+
- lib/audit/checks/BACKUP_WEB.check
|
139
|
+
- lib/audit/checks/HAS_COMPRESSOR.check
|
140
|
+
- lib/audit/checks/HAS_TAR.check
|
141
|
+
- lib/audit/checks/benchmark.ssh.zip
|
142
|
+
- lib/audit/checks/HAS_CUT.check
|
143
|
+
- lib/audit/checks/SLOW_3.check
|
144
|
+
- lib/audit/checks/APACHE2_INIT_3.check
|
145
|
+
- lib/audit/checks/SSH_INIT_2.check
|
146
|
+
- lib/audit/checks/SSH_CONFIG_01.check
|
147
|
+
- lib/audit/checks/benchmark.group.apache
|
148
|
+
- lib/audit/checks/HAS_PASSWD_CHECK.check
|
149
|
+
- lib/audit/checks/USER_INFORMATION.check
|
150
|
+
- lib/audit/checks/SSH_CONFIG_11.check
|
151
|
+
- lib/audit/checks/HAS_DPKG.check
|
116
152
|
- lib/audit/checks/HAS_SORT.check
|
153
|
+
- lib/audit/checks/MAYBE_HAS_WGET.check
|
154
|
+
- lib/audit/checks/APACHE2.group
|
155
|
+
- lib/audit/checks/APACHE2_USER_7.check
|
156
|
+
- lib/audit/checks/SSH_CONFIG_08.check
|
157
|
+
- lib/audit/checks/SSH_CONFIG_07.check
|
158
|
+
- lib/audit/checks/SSH_CONFIG_02.check
|
159
|
+
- lib/audit/checks/LYNIS_AUTH_9228.check
|
160
|
+
- lib/audit/checks/FIND_GROUP_FILE.check
|
161
|
+
- lib/audit/checks/USERS_INIT_3.check
|
162
|
+
- lib/audit/checks/HAS_YUM.check
|
163
|
+
- lib/audit/checks/MAYBE_HAS_ID.check
|
164
|
+
- lib/audit/checks/SLOW_2.check
|
165
|
+
- lib/audit/checks/HAS_MOUNT.check
|
166
|
+
- lib/audit/checks/HAS_AWK.check
|
167
|
+
- lib/audit/checks/MOUNTED_DEVICES.check
|
168
|
+
- lib/audit/checks/MAYBE_HAS_HOSTNAME.check
|
169
|
+
- lib/audit/checks/SSH_CONFIG_05.check
|
170
|
+
- lib/audit/checks/HAS_BASE.check
|
171
|
+
- lib/audit/checks/HAS_GREP.check
|
172
|
+
- lib/audit/checks/SSH_KEYS_1.check
|
173
|
+
- lib/audit/checks/MAYBE_HAS_DU.check
|
174
|
+
- lib/audit/checks/PACKAGES_INSTALLED_YUM.check
|
117
175
|
- lib/audit/checks/HAS_STAT.check
|
118
|
-
- lib/audit/checks/HAS_SUPERUSER.check
|
119
|
-
- lib/audit/checks/HAS_TAIL.check
|
120
|
-
- lib/audit/checks/HAS_TAR.check
|
121
176
|
- lib/audit/checks/HAS_TR.check
|
122
|
-
- lib/audit/checks/
|
123
|
-
- lib/audit/checks/HAS_UNIQ.check
|
124
|
-
- lib/audit/checks/HAS_WC.check
|
125
|
-
- lib/audit/checks/HAS_WHO.check
|
126
|
-
- lib/audit/checks/HAS_YUM.check
|
127
|
-
- lib/audit/checks/header.template
|
128
|
-
- lib/audit/checks/helpers/head.sh
|
129
|
-
- lib/audit/checks/LASTLOG.check
|
130
|
-
- lib/audit/checks/LIST_ROUTES.check
|
131
|
-
- lib/audit/checks/LIST_USER_ACCOUNTS.check
|
132
|
-
- lib/audit/checks/LOADED_MODULES.check
|
133
|
-
- lib/audit/checks/LOCAL_NMAP.check
|
134
|
-
- lib/audit/checks/LOGGED_USERS.check
|
135
|
-
- lib/audit/checks/LYNIS_AUTH.group
|
136
|
-
- lib/audit/checks/LYNIS_AUTH_9204.check
|
137
|
-
- lib/audit/checks/LYNIS_AUTH_9208.check
|
138
|
-
- lib/audit/checks/LYNIS_AUTH_9216.check
|
139
|
-
- lib/audit/checks/LYNIS_AUTH_9222.check
|
140
|
-
- lib/audit/checks/LYNIS_AUTH_9226.check
|
141
|
-
- lib/audit/checks/LYNIS_AUTH_9228.check
|
177
|
+
- lib/audit/checks/HAS_PS.check
|
142
178
|
- lib/audit/checks/LYNIS_AUTH_9252.check
|
143
|
-
- lib/audit/checks/
|
144
|
-
- lib/audit/checks/
|
145
|
-
- lib/audit/checks/
|
146
|
-
- lib/audit/checks/
|
147
|
-
- lib/audit/checks/
|
148
|
-
- lib/audit/checks/
|
179
|
+
- lib/audit/checks/CONFIGURATION_BACKUP.check
|
180
|
+
- lib/audit/checks/HAS_SH.check
|
181
|
+
- lib/audit/checks/HAS_GROUPCHECK.check
|
182
|
+
- lib/audit/checks/LOCAL_NMAP.check
|
183
|
+
- lib/audit/checks/APACHE2_CONFIG_02.check
|
184
|
+
- lib/audit/checks/footer.template
|
185
|
+
- lib/audit/checks/DIRECTORY_LISTING.check
|
186
|
+
- lib/audit/checks/FREE_SPACE.check
|
187
|
+
- lib/audit/checks/LIST_USER_ACCOUNTS.check
|
188
|
+
- lib/audit/checks/APACHE2_CONFIG_03.check
|
149
189
|
- lib/audit/checks/MAYBE_HAS_SUPERUSER.check
|
150
|
-
- lib/audit/checks/
|
151
|
-
- lib/audit/checks/
|
152
|
-
- lib/audit/checks/
|
153
|
-
- lib/audit/checks/MOUNTED_DEVICES.check
|
154
|
-
- lib/audit/checks/MYSQL_HISTORY_1.check
|
190
|
+
- lib/audit/checks/MAYBE_HAS_CURL.check
|
191
|
+
- lib/audit/checks/DMESG_OUTPUT.check
|
192
|
+
- lib/audit/checks/HAS_WC.check
|
155
193
|
- lib/audit/checks/MYSQL_INIT_1.check
|
156
|
-
- lib/audit/checks/MYSQL_INIT_2.check
|
157
|
-
- lib/audit/checks/MYSQL_INIT_3.check
|
158
|
-
- lib/audit/checks/PACKAGES_INSTALLED_DPKG.check
|
159
|
-
- lib/audit/checks/PACKAGES_INSTALLED_YUM.check
|
160
|
-
- lib/audit/checks/PASSWORD_INFORMATION.check
|
161
|
-
- lib/audit/checks/PLATFORM_FACTS.check
|
162
|
-
- lib/audit/checks/PORTS_OPEN_NETSTAT.check
|
163
194
|
- lib/audit/checks/PROCESS_LIST.check
|
164
|
-
- lib/audit/checks/
|
165
|
-
- lib/audit/checks/SLOW.group
|
166
|
-
- lib/audit/checks/SLOW_1.check
|
167
|
-
- lib/audit/checks/SLOW_2.check
|
168
|
-
- lib/audit/checks/SLOW_3.check
|
169
|
-
- lib/audit/checks/SSH.group
|
170
|
-
- lib/audit/checks/SSH_CONFIG_01.check
|
171
|
-
- lib/audit/checks/SSH_CONFIG_02.check
|
172
|
-
- lib/audit/checks/SSH_CONFIG_03.check
|
173
|
-
- lib/audit/checks/SSH_CONFIG_04.check
|
174
|
-
- lib/audit/checks/SSH_CONFIG_05.check
|
175
|
-
- lib/audit/checks/SSH_CONFIG_06.check
|
176
|
-
- lib/audit/checks/SSH_CONFIG_07.check
|
177
|
-
- lib/audit/checks/SSH_CONFIG_08.check
|
178
|
-
- lib/audit/checks/SSH_CONFIG_09.check
|
179
|
-
- lib/audit/checks/SSH_CONFIG_10.check
|
180
|
-
- lib/audit/checks/SSH_CONFIG_11.check
|
181
|
-
- lib/audit/checks/SSH_INIT_1.check
|
182
|
-
- lib/audit/checks/SSH_INIT_2.check
|
183
|
-
- lib/audit/checks/SSH_KEYS_1.check
|
184
|
-
- lib/audit/checks/USER_INFORMATION.check
|
185
|
-
- lib/audit/checks/USERS_INIT_1.check
|
186
|
-
- lib/audit/checks/USERS_INIT_2.check
|
187
|
-
- lib/audit/checks/USERS_INIT_3.check
|
195
|
+
- lib/audit/checks/helpers/head.sh
|
188
196
|
- lib/audit/checks/USERS_INIT_4.check
|
189
|
-
- lib/audit/checks/
|
190
|
-
- lib/audit/checks/
|
191
|
-
- lib/audit/checks/
|
192
|
-
- lib/audit/
|
193
|
-
- lib/audit/
|
197
|
+
- lib/audit/checks/BACKUP_HOME_DOTFILES.check
|
198
|
+
- lib/audit/checks/PACKAGES_INSTALLED_DPKG.check
|
199
|
+
- lib/audit/checks/HAS_HOSTNAME.check
|
200
|
+
- lib/audit/checks/MAYBE_HAS_BZIP2.check
|
201
|
+
- lib/audit/checks/SSH.group
|
202
|
+
- lib/audit/checks/LYNIS_AUTH_9216.check
|
203
|
+
- lib/audit/benchmark_apache.zip
|
204
|
+
- lib/audit/lib/ssh_utils.rb
|
205
|
+
- lib/audit/lib/http_fingerprint.rb
|
206
|
+
- lib/audit/lib/ssh_fingerprint2.rb
|
207
|
+
- lib/audit/lib/nessus_utils.rb
|
208
|
+
- lib/audit/lib/my_option_parser.rb
|
209
|
+
- lib/audit/lib/util/random_string.rb
|
210
|
+
- lib/audit/lib/main.rb
|
194
211
|
- lib/audit/lib/audit_facade.rb
|
212
|
+
- lib/audit/lib/benchmark/check.rb
|
213
|
+
- lib/audit/lib/benchmark/rule_result.rb
|
214
|
+
- lib/audit/lib/benchmark/rule_severity.rb
|
215
|
+
- lib/audit/lib/benchmark/item_exception.rb
|
216
|
+
- lib/audit/lib/benchmark/result_code.rb
|
195
217
|
- lib/audit/lib/benchmark/audit_benchmark.rb
|
196
|
-
- lib/audit/lib/benchmark/
|
218
|
+
- lib/audit/lib/benchmark/yaml_benchmark.rb
|
197
219
|
- lib/audit/lib/benchmark/benchmark_factory.rb
|
198
220
|
- lib/audit/lib/benchmark/benchmark_result.rb
|
199
|
-
- lib/audit/lib/benchmark/
|
221
|
+
- lib/audit/lib/benchmark/automatic_dependencies.rb
|
200
222
|
- lib/audit/lib/benchmark/group.rb
|
201
|
-
- lib/audit/lib/benchmark/item_exception.rb
|
202
|
-
- lib/audit/lib/benchmark/result_code.rb
|
203
|
-
- lib/audit/lib/benchmark/rule_result.rb
|
204
223
|
- lib/audit/lib/benchmark/rule_role.rb
|
205
|
-
- lib/audit/lib/
|
206
|
-
- lib/audit/lib/
|
207
|
-
- lib/audit/lib/
|
208
|
-
- lib/audit/lib/connection/connection_factory.rb
|
209
|
-
- lib/audit/lib/connection/ssh_connection.rb
|
210
|
-
- lib/audit/lib/ec2_utils.rb
|
211
|
-
- lib/audit/lib/http_fingerprint.rb
|
212
|
-
- lib/audit/lib/lazy.rb
|
213
|
-
- lib/audit/lib/linear_script_generator.rb
|
214
|
-
- lib/audit/lib/main.rb
|
215
|
-
- lib/audit/lib/my_option_parser.rb
|
224
|
+
- lib/audit/lib/transformers/web_view_transformer.rb
|
225
|
+
- lib/audit/lib/transformers/yaml_transformer.rb
|
226
|
+
- lib/audit/lib/audit.rb
|
216
227
|
- lib/audit/lib/nessus_new.rb
|
217
|
-
- lib/audit/lib/
|
218
|
-
- lib/audit/lib/parser/
|
219
|
-
- lib/audit/lib/parser/
|
220
|
-
- lib/audit/lib/parser/
|
221
|
-
- lib/audit/lib/parser/
|
222
|
-
- lib/audit/lib/parser/command/cpe_name_command.rb
|
223
|
-
- lib/audit/lib/parser/command/data_command.rb
|
228
|
+
- lib/audit/lib/linear_script_generator.rb
|
229
|
+
- lib/audit/lib/parser/result_type.rb
|
230
|
+
- lib/audit/lib/parser/parse_exception.rb
|
231
|
+
- lib/audit/lib/parser/stdout_line_buffer.rb
|
232
|
+
- lib/audit/lib/parser/script_output_parser.rb
|
224
233
|
- lib/audit/lib/parser/command/listening_port_command.rb
|
234
|
+
- lib/audit/lib/parser/command/check_finished_command.rb
|
225
235
|
- lib/audit/lib/parser/command/message_command.rb
|
236
|
+
- lib/audit/lib/parser/command/data_command.rb
|
237
|
+
- lib/audit/lib/parser/command/cpe_name_command.rb
|
238
|
+
- lib/audit/lib/parser/command/attach_file_command.rb
|
239
|
+
- lib/audit/lib/parser/command/abstract_command_result.rb
|
226
240
|
- lib/audit/lib/parser/command/program_name_command.rb
|
227
|
-
- lib/audit/lib/parser/
|
228
|
-
- lib/audit/lib/parser/result_type.rb
|
229
|
-
- lib/audit/lib/parser/script_output_parser.rb
|
230
|
-
- lib/audit/lib/parser/stdout_line_buffer.rb
|
241
|
+
- lib/audit/lib/parser/command/abstract_command.rb
|
231
242
|
- lib/audit/lib/ssh_fingerprint.rb
|
232
|
-
- lib/audit/lib/
|
233
|
-
- lib/audit/lib/
|
234
|
-
- lib/audit/lib/
|
235
|
-
- lib/audit/lib/
|
236
|
-
- lib/audit/lib/
|
243
|
+
- lib/audit/lib/ec2_utils.rb
|
244
|
+
- lib/audit/lib/lazy.rb
|
245
|
+
- lib/audit/lib/connection/ami_connection.rb
|
246
|
+
- lib/audit/lib/connection/ssh_connection.rb
|
247
|
+
- lib/audit/lib/connection/connection_factory.rb
|
237
248
|
- lib/audit/lib/version.rb
|
238
|
-
- lib/
|
239
|
-
- lib/
|
240
|
-
- lib/
|
241
|
-
- lib/
|
242
|
-
- lib/
|
243
|
-
- lib/help/script_execution_state.rb
|
244
|
-
- lib/help/state_change_listener.rb
|
245
|
-
- lib/help/state_transition_helper.rb
|
249
|
+
- lib/audit/create_benchmark.sh
|
250
|
+
- lib/audit/benchmark_full.zip
|
251
|
+
- lib/audit/benchmark_ssh.zip
|
252
|
+
- lib/scripts/ec2/port_range_detector.rb
|
253
|
+
- lib/scripts/ec2/dm_encrypt.rb
|
246
254
|
- lib/scripts/ec2/ami2_ebs_conversion.rb
|
255
|
+
- lib/scripts/ec2/audit_via_ssh.rb
|
256
|
+
- lib/scripts/ec2/open_port_checker.rb
|
247
257
|
- lib/scripts/ec2/copy_ami.rb
|
248
258
|
- lib/scripts/ec2/copy_snapshot.rb
|
249
|
-
- lib/scripts/ec2/dm_encrypt.rb
|
250
|
-
- lib/scripts/ec2/download_snapshot.rb
|
251
259
|
- lib/scripts/ec2/ec2_script.rb
|
252
|
-
- lib/scripts/ec2/
|
253
|
-
- lib/
|
260
|
+
- lib/scripts/ec2/download_snapshot.rb
|
261
|
+
- lib/help/ec2_helper.rb
|
262
|
+
- lib/help/dm_crypt_helper.rb
|
263
|
+
- lib/help/state_transition_helper.rb
|
264
|
+
- lib/help/script_execution_state.rb
|
265
|
+
- lib/help/progress_message_listener.rb
|
266
|
+
- lib/help/remote_command_handler.rb
|
267
|
+
- lib/help/state_change_listener.rb
|
268
|
+
- lib/cloudyscripts.rb
|
254
269
|
has_rdoc: true
|
255
270
|
homepage: http://elastic-security.com
|
256
271
|
licenses: []
|
@@ -261,23 +276,27 @@ rdoc_options: []
|
|
261
276
|
require_paths:
|
262
277
|
- lib
|
263
278
|
required_ruby_version: !ruby/object:Gem::Requirement
|
279
|
+
none: false
|
264
280
|
requirements:
|
265
281
|
- - ">="
|
266
282
|
- !ruby/object:Gem::Version
|
283
|
+
hash: 3
|
267
284
|
segments:
|
268
285
|
- 0
|
269
286
|
version: "0"
|
270
287
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
288
|
+
none: false
|
271
289
|
requirements:
|
272
290
|
- - ">="
|
273
291
|
- !ruby/object:Gem::Version
|
292
|
+
hash: 3
|
274
293
|
segments:
|
275
294
|
- 0
|
276
295
|
version: "0"
|
277
296
|
requirements: []
|
278
297
|
|
279
298
|
rubyforge_project: cloudyscripts
|
280
|
-
rubygems_version: 1.3.
|
299
|
+
rubygems_version: 1.3.7
|
281
300
|
signing_key:
|
282
301
|
specification_version: 3
|
283
302
|
summary: Scripts to facilitate programming for infrastructure clouds.
|